package com.dongdongshop.seller.shiro;

import com.alibaba.dubbo.config.annotation.Reference;
import com.dongdongshop.operator.pojo.TbSeller;
import com.dongdongshop.operator.service.SellerService;
import org.apache.shiro.authc.*;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.apache.shiro.util.ByteSource;

public class Realm extends AuthorizingRealm {

    @Reference(check = false,timeout = 50000)
    private SellerService sellerService;

    @Override
    protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principalCollection) {
        System.out.println("执行授权逻辑");
        return null;
    }

    @Override
    protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken authenticationToken)
            throws AuthenticationException {
        System.out.println("执行认证逻辑");
        //取出账号 密码
        UsernamePasswordToken token=(UsernamePasswordToken)authenticationToken;
        String username = token.getUsername();
        //从数据库查询用户
        TbSeller Seller = sellerService.selectById(username);
        if(Seller == null){
            return null;
        }
        //判断密码是否正确
        //4个参数  第一个：登录成功后的用户对象    第二个：用户的密文密码和加的盐
        //第三个：校验密码是否正确      第四个：登录成功后的用户名
        return new SimpleAuthenticationInfo(Seller,Seller.getPassword(),ByteSource.Util.bytes(Seller.getSalt()),Seller.getSellerId());
    }
}
